Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa
File: fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa (raw, json)
Hash identifier: 3ecrWzY+uLNgu2RHo2ib8GSB6hP/OCKmSi5nXVrWfQA=
Subject key identifier: 7D:AC:91:60:04:5B:8E:A0:1F:3D:F6:E3:2C:63:46:27:BB:BA:05:DE
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 018EDCA026DF6393439E3A4601E34EC1600D
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa
Signing time: Sun 14 Apr 2024 12:41:06 +0000
ROA not before: Sun 14 Apr 2024 12:41:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.66.0/24 maxlen: 24
77.91.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dc:a0:26:df:63:93:43:9e:3a:46:01:e3:4e:c1:60:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Apr 14 12:41:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dac9160045b8ea01f3df6e32c634627bbba05de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:4a:2e:22:9a:48:8c:59:fa:da:a3:eb:80:
67:ed:0a:87:2d:71:8f:11:6b:57:cc:1b:19:4a:ab:
18:8a:c1:0f:24:fe:e4:d5:f0:b1:e4:11:95:54:87:
f0:97:83:85:95:61:78:ba:13:74:16:c4:35:77:93:
58:17:2c:ad:43:12:72:02:bb:35:fd:bd:2f:e9:49:
cb:fe:9c:da:ac:ef:43:7f:b7:40:4b:f9:c5:06:bc:
10:04:44:b6:8e:b0:cc:f8:e2:2d:f8:88:f4:22:ce:
47:d9:54:4b:bf:28:4b:0f:50:4e:3e:36:53:69:5e:
73:7e:95:f5:55:c7:73:4e:5f:e2:a2:a3:98:70:9a:
ba:9f:3d:3b:e6:8a:64:23:db:a4:61:a3:26:47:56:
f2:d7:9f:31:1f:4c:df:01:72:41:36:fc:dd:b3:f7:
c7:d4:a7:93:58:72:59:0d:49:e5:be:1c:96:d8:14:
c7:a6:fd:d0:da:ee:cd:23:7f:e7:ef:16:a5:04:56:
c5:f1:b9:0c:9e:b2:91:de:46:89:9e:0a:33:02:c8:
bd:1f:ea:1e:57:7c:0c:e7:eb:92:3f:0d:a0:ba:07:
34:69:42:fe:f7:fa:b8:86:95:9a:f2:09:4e:49:fb:
e0:6d:48:24:30:b7:99:9d:e2:bb:8c:18:4b:b6:a3:
39:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AC:91:60:04:5B:8E:A0:1F:3D:F6:E3:2C:63:46:27:BB:BA:05:DE
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.66.0/24
77.91.76.0/24
Signature Algorithm: sha256WithRSAEncryption
77:08:47:3f:a9:96:9b:92:d2:cc:64:23:e3:77:9c:22:89:b5:
fe:0a:a4:93:69:7e:39:50:14:7d:d2:e7:8b:4f:d1:60:60:82:
ab:38:82:c0:e1:db:5a:73:ea:49:04:71:f0:29:92:03:82:99:
cd:3d:08:37:4b:79:af:bf:22:59:ed:81:c4:02:c9:b3:75:68:
8e:90:f4:c3:a5:ad:d9:c7:54:3e:83:a0:d5:1b:10:26:69:85:
f0:8d:9d:45:51:34:42:6c:1b:d9:3b:18:ed:10:c2:28:28:3d:
f4:0d:c6:b6:8d:58:22:15:65:e6:3c:20:80:e1:27:3f:9b:c5:
45:62:65:9b:de:f6:9d:6d:56:0d:d8:b3:a8:b1:1d:bc:5d:ba:
75:91:8e:fd:f3:3c:61:2b:0b:1b:68:d2:07:b4:e3:13:c9:24:
7d:17:fc:56:10:45:27:d8:87:87:a9:2b:63:a4:b3:b6:a5:2c:
81:04:cd:0a:18:65:11:d8:c7:37:34:21:3d:08:84:d3:b0:25:
ea:21:7e:7c:0f:21:95:77:46:ad:95:4e:e1:e1:88:7e:d5:b8:
80:9d:e3:59:36:a4:e4:7a:46:23:d0:5e:ed:65:16:17:ec:df:
92:94:76:98:b8:ab:17:8f:19:d9:49:07:4c:13:b0:f0:79:5d:
52:6b:88:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7coCbfY5NDnjpGAeNOwWANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwNDE0MTI0MTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFjOTE2MDA0NWI4ZWEwMWYzZGY2ZTMyYzYzNDYyN2JiYmEwNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A9KLiKaSIxZ+tqj64Bn7QqHLXGP
EWtXzBsZSqsYisEPJP7k1fCx5BGVVIfwl4OFlWF4uhN0FsQ1d5NYFyytQxJyArs1
/b0v6UnL/pzarO9Df7dAS/nFBrwQBES2jrDM+OIt+Ij0Is5H2VRLvyhLD1BOPjZT
aV5zfpX1VcdzTl/ioqOYcJq6nz075opkI9ukYaMmR1by158xH0zfAXJBNvzds/fH
1KeTWHJZDUnlvhyW2BTHpv3Q2u7NI3/n7xalBFbF8bkMnrKR3kaJngozAsi9H+oe
V3wM5+uSPw2gugc0aUL+9/q4hpWa8glOSfvgbUgkMLeZneK7jBhLtqM5QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH2skWAEW46gHz324yxjRie7ugXeMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvZmF5UllBUmJqcUFmUGZiakxHTkdKN3U2QmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVtCAwQA
TVtMMA0GCSqGSIb3DQEBCwUAA4IBAQB3CEc/qZabktLMZCPjd5wiibX+CqSTaX45
UBR90ueLT9FgYIKrOILA4dtac+pJBHHwKZIDgpnNPQg3S3mvvyJZ7YHEAsmzdWiO
kPTDpa3Zx1Q+g6DVGxAmaYXwjZ1FUTRCbBvZOxjtEMIoKD30Dca2jVgiFWXmPCCA
4Sc/m8VFYmWb3vadbVYN2LOosR28Xbp1kY798zxhKwsbaNIHtOMTySR9F/xWEEUn
2IeHqStjpLO2pSyBBM0KGGUR2Mc3NCE9CITTsCXqIX58DyGVd0atlU7h4Yh+1biA
neNZNqTkekYj0F7tZRYX7N+SlHaYuKsXjxnZSQdME7DweV1Sa4ht
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:46:35 2024 by rpki-client on console-fra.rpki-client.org